Changeset 275
- Timestamp:
- Mar 10, 2010, 9:24:17 PM (15 years ago)
- Location:
- trunk
- Files:
-
- 11 edited
trunk/Makefile.in
r272 r275 160 160 $(srcsrc)/sh_pthread.c $(srcsrc)/sh_string.c \ 161 161 $(srcsrc)/sh_log_parse_syslog.c $(srcsrc)/sh_log_parse_pacct.c \ 162 $(srcsrc)/sh_log_parse_samba.c \162 $(srcsrc)/sh_log_parse_samba.c $(srcsrc)/sh_log_parse_generic.c \ 163 163 $(srcsrc)/sh_log_parse_apache.c $(srcsrc)/sh_log_evalrule.c \ 164 164 $(srcsrc)/sh_log_correlate.c $(srcsrc)/sh_log_mark.c \ … … 181 181 sh_log_parse_syslog.o sh_log_parse_pacct.o sh_log_parse_apache.o \ 182 182 sh_log_parse_samba.o sh_log_evalrule.o sh_log_check.o \ 183 sh_log_parse_generic.o \ 183 184 sh_log_correlate.o sh_log_mark.o sh_log_repeat.o \ 184 185 sh_pthread.o sh_string.o sh_inotify.o dnmalloc.o … … 1733 1734 sh_log_parse_apache.o: $(srcsrc)/sh_log_parse_apache.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h 1734 1735 sh_log_evalrule.o: $(srcsrc)/sh_log_evalrule.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/sh_log_correlate.h $(srcinc)/sh_log_mark.h $(srcinc)/sh_log_repeat.h $(srcinc)/zAVLTree.h 1735 sh_log_check.o: $(srcsrc)/sh_log_check.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/sh_log_correlate.h $(srcinc)/sh_log_mark.h $(srcinc)/sh_log_repeat.h $(srcinc)/sh_ modules.h1736 sh_log_check.o: $(srcsrc)/sh_log_check.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/sh_log_correlate.h $(srcinc)/sh_log_mark.h $(srcinc)/sh_log_repeat.h $(srcinc)/sh_extern.h $(srcinc)/sh_modules.h 1736 1737 sh_log_parse_samba.o: $(srcsrc)/sh_log_parse_samba.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h 
$(srcinc)/sh_log_check.h $(srcinc)/sh_string.h 1737 1738 sh_nmail.o: $(srcsrc)/sh_nmail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_mem.h $(srcinc)/sh_mail.h $(srcinc)/sh_tiger.h $(srcinc)/sh_string.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_filter.h $(srcinc)/sh_mail_int.h $(srcinc)/zAVLTree.h … … 1741 1742 sh_log_mark.o: $(srcsrc)/sh_log_mark.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_mem.h $(srcinc)/sh_string.h $(srcinc)/sh_error_min.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/zAVLTree.h 1742 1743 sh_log_repeat.o: $(srcsrc)/sh_log_repeat.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h 1744 sh_log_parse_generic.o: $(srcsrc)/sh_log_parse_generic.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_log_check.h $(srcinc)/sh_string.h -
trunk/configure.ac
r272 r275 12 12 dnl start 13 13 dnl 14 AM_INIT_AUTOMAKE(samhain, 2.6. 2)14 AM_INIT_AUTOMAKE(samhain, 2.6.3) 15 15 AC_DEFINE([SAMHAIN], 1, [Application is samhain]) 16 16 AC_CANONICAL_HOST -
trunk/depend.dep
r269 r275 73 73 sh_log_parse_apache.o: $(srcsrc)/sh_log_parse_apache.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h 74 74 sh_log_evalrule.o: $(srcsrc)/sh_log_evalrule.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/sh_log_correlate.h $(srcinc)/sh_log_mark.h $(srcinc)/sh_log_repeat.h $(srcinc)/zAVLTree.h 75 sh_log_check.o: $(srcsrc)/sh_log_check.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/sh_log_correlate.h $(srcinc)/sh_log_mark.h $(srcinc)/sh_log_repeat.h $(srcinc)/sh_ modules.h75 sh_log_check.o: $(srcsrc)/sh_log_check.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/sh_log_correlate.h $(srcinc)/sh_log_mark.h $(srcinc)/sh_log_repeat.h $(srcinc)/sh_extern.h $(srcinc)/sh_modules.h 76 76 sh_log_parse_samba.o: $(srcsrc)/sh_log_parse_samba.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_string.h 77 77 sh_nmail.o: $(srcsrc)/sh_nmail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_mem.h $(srcinc)/sh_mail.h $(srcinc)/sh_tiger.h $(srcinc)/sh_string.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_filter.h $(srcinc)/sh_mail_int.h $(srcinc)/zAVLTree.h … … 81 81 sh_log_mark.o: $(srcsrc)/sh_log_mark.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_mem.h $(srcinc)/sh_string.h $(srcinc)/sh_error_min.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h $(srcinc)/zAVLTree.h 82 82 sh_log_repeat.o: $(srcsrc)/sh_log_repeat.c Makefile config_xor.h 
$(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h 83 sh_log_parse_generic.o: $(srcsrc)/sh_log_parse_generic.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_log_check.h $(srcinc)/sh_string.h -
trunk/depend.sum
r269 r275 1 2302754398 1 315325077 -
trunk/docs/Changelog
r272 r275 1 2.6.3: 2 * Fix bug in mail module, recipients incorrectly flagged 3 as aliases, which breaks immediate mail for 'alert' 4 (reported by Jesse) 5 1 6 2.6.2: 2 7 * Makefile.in: fix problem in deploy system caused -
trunk/include/sh_extern.h
r211 r275 35 35 */ 36 36 int sh_ext_popen (sh_tas_t * task); 37 38 /* 39 * -- generic simple safe popen; returns 0 on success, -1 otherwise, 40 * executes shell command 41 */ 42 int sh_ext_popen_init (sh_tas_t * task, char * command); 37 43 38 44 /* -
trunk/include/sh_log_check.h
r271 r275 26 26 #define SH_LOGFILE_REWIND (1<<1) 27 27 #define SH_LOGFILE_PIPE (1<<2) 28 #define SH_LOGFILE_NOFILE (1<<3) 28 29 29 30 struct sh_logfile … … 52 53 }; 53 54 55 /* Generic callback function to parse fileinfo. 56 */ 57 void * sh_eval_fileinfo_generic(char * str); 58 59 /* Generic parser info. 60 */ 61 struct sh_logrecord * sh_parse_generic (sh_string * logline, void * fileinfo); 62 63 54 64 /**************************************************************** 55 65 ** … … 59 69 /* Open file, position at stored offset. */ 60 70 int sh_open_for_reader (struct sh_logfile * logfile); 71 72 /* Simple line reader for executed shell command */ 73 sh_string * sh_command_reader (sh_string * record, 74 struct sh_logfile * logfile); 75 76 /* Wrapper for sh_command_reader */ 77 sh_string * sh_read_shell (sh_string * record, struct sh_logfile * logfile); 61 78 62 79 /* Simple line reader. */ -
trunk/src/sh_extern.c
r252 r275 809 809 } 810 810 811 int sh_ext_popen_init (sh_tas_t * task, char * command) 812 { 813 int status; 814 815 sh_ext_tas_init(task); 816 817 (void) sh_ext_tas_add_envv (task, _("SHELL"), 818 _("/bin/sh")); 819 (void) sh_ext_tas_add_envv (task, _("PATH"), 820 _("/sbin:/bin:/usr/sbin:/usr/bin:/usr/ucb")); 821 (void) sh_ext_tas_add_envv (task, _("IFS"), " \n\t"); 822 if (sh.timezone != NULL) 823 { 824 (void) sh_ext_tas_add_envv(task, "TZ", sh.timezone); 825 } 826 827 sh_ext_tas_command(task, _("/bin/sh")); 828 829 (void) sh_ext_tas_add_argv(task, _("/bin/sh")); 830 (void) sh_ext_tas_add_argv(task, _("-c")); 831 (void) sh_ext_tas_add_argv(task, command); 832 833 task->rw = 'r'; 834 task->fork_twice = S_FALSE; 835 836 status = sh_ext_popen(task); 837 838 return status; 839 } 840 811 841 /* Execute command, return first line of output 812 842 * ifconfig | grep -1 lo | tail -n 1 | sed s/.*inet addr:\([0-9.]*\)\(.*\)/\1/ … … 822 852 SL_ENTER(_("sh_ext_popen_str")); 823 853 824 sh_ext_tas_init(&task); 825 826 (void) sh_ext_tas_add_envv (&task, _("SHELL"), 827 _("/bin/sh")); 828 (void) sh_ext_tas_add_envv (&task, _("PATH"), 829 _("/sbin:/bin:/usr/sbin:/usr/bin:/usr/ucb")); 830 (void) sh_ext_tas_add_envv (&task, _("IFS"), " \n\t"); 831 if (sh.timezone != NULL) 832 { 833 (void) sh_ext_tas_add_envv(&task, "TZ", sh.timezone); 834 } 835 836 sh_ext_tas_command(&task, _("/bin/sh")); 837 838 (void) sh_ext_tas_add_argv(&task, _("/bin/sh")); 839 (void) sh_ext_tas_add_argv(&task, _("-c")); 840 (void) sh_ext_tas_add_argv(&task, command); 841 842 task.rw = 'r'; 843 task.fork_twice = S_FALSE; 844 845 status = sh_ext_popen(&task); 854 status = sh_ext_popen_init (&task, command); 846 855 847 856 if (status != 0) 848 857 { 849 858 sh_error_handle(SH_ERR_ALL, FIL__, __LINE__, status, MSG_E_SUBGEN, 850 859 _("Could not open pipe"), _("sh_ext_popen_str")); 851 860 SL_RETURN ((NULL), _("sh_ext_popen_str")); 852 861 } 853 862 854 /* ignore SIGPIPE (instead get EPIPE if connection is 
closed)855 */856 new_act.sa_handler = SIG_IGN;857 (void) retry_sigaction (FIL__, __LINE__, SIGPIPE, &new_act, &old_act);858 863 /* ignore SIGPIPE (instead get EPIPE if connection is closed) 864 */ 865 new_act.sa_handler = SIG_IGN; 866 (void) retry_sigaction (FIL__, __LINE__, SIGPIPE, &new_act, &old_act); 867 859 868 /* read from the open pipe 860 869 */ -
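Review bot: sh_ext_popen_init hands `command` verbatim to `/bin/sh -c`, and neither the function nor its header comment ("generic simple safe popen") says where that string may come from. In this changeset the new caller passes `logfile->filename`, i.e. the configured SHELL watch entry, so the contract should be written down, e.g. `/* command is interpreted by /bin/sh; pass only strings from the trusted configuration, never log or network data */`. The results of `sh_ext_tas_add_envv` and `sh_ext_tas_add_argv` are discarded with `(void)`; their return convention is not visible here, but if adding `command` can fail, the shell would presumably be started without a script, so that call at least deserves a check that returns -1. `command` is not modified and could be declared `const char *`, assuming sh_ext_tas_add_argv accepts that.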
trunk/src/sh_log_check.c
r272 r275 39 39 #include "sh_log_mark.h" 40 40 #include "sh_log_repeat.h" 41 #include "sh_extern.h" 41 42 42 43 /* List of supported logfile types, format is … … 57 58 { "PACCT", sh_read_pacct, sh_parse_pacct, NULL }, 58 59 #endif 60 { "SHELL", sh_read_shell, sh_parse_generic, sh_eval_fileinfo_generic }, 59 61 }; 60 62 … … 237 239 } 238 240 239 if (splits[1][0] != '/' )241 if (splits[1][0] != '/' && 0 != strcmp(splits[0], _("SHELL"))) 240 242 { 241 243 sh_string * msg = sh_string_new(0); … … 258 260 259 261 thisfile->filename = filename; 260 thisfile->flags = SH_LOGFILE_REWIND; 262 if (strcmp(splits[0], _("SHELL"))) 263 thisfile->flags = SH_LOGFILE_NOFILE; 264 else 265 thisfile->flags = SH_LOGFILE_REWIND; 261 266 thisfile->inode = 0; 262 267 thisfile->device_id = 0; … … 323 328 /* Try reading saved offset. On success clear rewind flag. 324 329 */ 325 if (0 == stat(thisfile->filename, &buf)) 326 { 327 if (S_ISREG(buf.st_mode) 330 if ((thisfile->flags & SH_LOGFILE_NOFILE) == 0) 331 { 332 if (0 == stat(thisfile->filename, &buf)) 333 { 334 if (S_ISREG(buf.st_mode) 328 335 #ifdef S_ISLNK 329 || S_ISLNK(buf.st_mode)336 || S_ISLNK(buf.st_mode) 330 337 #endif 331 ) 332 { 333 thisfile->inode = buf.st_ino; 334 thisfile->device_id = buf.st_dev; 338 ) 339 { 340 thisfile->inode = buf.st_ino; 341 thisfile->device_id = buf.st_dev; 342 343 if (0 != read_pos(thisfile)) 344 { 345 thisfile->flags &= ~SH_LOGFILE_REWIND; 346 } 347 } 348 else if (S_ISFIFO(buf.st_mode)) 349 { 350 thisfile->inode = buf.st_ino; 351 thisfile->device_id = buf.st_dev; 352 thisfile->flags |= SH_LOGFILE_PIPE; 353 } 354 } 355 else 356 { 357 sh_string * msg = sh_string_new(0); 358 sh_string_add_from_char(msg, _("Logfile is not a regular file, link, or named pipe: ")); 359 sh_string_add_from_char(msg, splits[1]); 335 360 336 if (0 != read_pos(thisfile)) 337 { 338 thisfile->flags &= ~SH_LOGFILE_REWIND; 339 } 340 } 341 else if (S_ISFIFO(buf.st_mode)) 342 { 343 thisfile->inode = buf.st_ino; 344 thisfile->device_id = 
buf.st_dev; 345 thisfile->flags |= SH_LOGFILE_PIPE; 346 } 347 } 348 else 349 { 350 sh_string * msg = sh_string_new(0); 351 sh_string_add_from_char(msg, _("Logfile is not a regular file, link, or named pipe: ")); 352 sh_string_add_from_char(msg, splits[1]); 353 354 SH_MUTEX_LOCK(mutex_thread_nolog); 355 sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN, 356 sh_string_str(msg), 357 _("sh_add_watch")); 358 SH_MUTEX_UNLOCK(mutex_thread_nolog); 359 sh_string_destroy(&msg); 360 361 SH_FREE(filename); 362 SH_FREE(thisfile); 363 SH_FREE(new); 364 return -1; 361 SH_MUTEX_LOCK(mutex_thread_nolog); 362 sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN, 363 sh_string_str(msg), 364 _("sh_add_watch")); 365 SH_MUTEX_UNLOCK(mutex_thread_nolog); 366 sh_string_destroy(&msg); 367 368 SH_FREE(filename); 369 SH_FREE(thisfile); 370 SH_FREE(new); 371 return -1; 372 } 365 373 } 366 374 … … 380 388 sh_watched_logs = thisfile->next; 381 389 382 if ((thisfile->flags & SH_LOGFILE_PIPE) == 0) 390 if ((thisfile->flags & SH_LOGFILE_NOFILE) == 0 && 391 (thisfile->flags & SH_LOGFILE_PIPE) == 0) 383 392 { 384 393 save_pos(thisfile); 385 394 } 386 395 387 if (thisfile->fp) 388 sl_fclose(FIL__, __LINE__, thisfile->fp); 396 if ((thisfile->flags & SH_LOGFILE_NOFILE) == 0) 397 { 398 if (thisfile->fp) 399 sl_fclose(FIL__, __LINE__, thisfile->fp); 400 } 401 389 402 if (thisfile->filename) 390 403 SH_FREE(thisfile->filename); … … 677 690 sh_string * sh_default_reader (sh_string * s, struct sh_logfile * logfile) 678 691 { 679 int status;692 volatile int status; 680 693 char * tmp; 681 694 … … 712 725 if (0 != sh_open_for_reader(logfile)) 713 726 goto start_read; 727 728 return NULL; 729 } 730 731 sh_string * sh_command_reader (sh_string * s, struct sh_logfile * logfile) 732 { 733 sh_tas_t task; 734 struct sigaction new_act; 735 struct sigaction old_act; 736 737 volatile int status; 738 char * tmp; 739 740 start_read: 741 742 if (logfile->fp) 743 { 744 /* ignore SIGPIPE (instead get 
EPIPE if connection is closed) 745 */ 746 new_act.sa_handler = SIG_IGN; 747 (void) retry_sigaction (FIL__, __LINE__, SIGPIPE, &new_act, &old_act); 748 749 /* Result cannot be larger than 8192, thus cast is ok 750 */ 751 status = (int) sh_string_read(s, logfile->fp, 8192); 752 753 /* restore old signal handler 754 */ 755 (void) retry_sigaction (FIL__, __LINE__, SIGPIPE, &old_act, NULL); 756 757 if (status <= 0) 758 { 759 sh_ext_pclose (&task); 760 logfile->fp = NULL; 761 sh_string_destroy(&s); 762 763 if (status == 0) 764 { 765 return NULL; 766 } 767 768 SH_MUTEX_LOCK(mutex_thread_nolog); 769 tmp = sh_util_safe_name (logfile->filename); 770 sh_error_handle((-1), FIL__, __LINE__, 0, MSG_LOGMON_EREAD, 771 tmp); 772 SH_FREE(tmp); 773 SH_MUTEX_UNLOCK(mutex_thread_nolog); 774 775 return NULL; 776 } 777 return s; 778 } 779 780 status = sh_ext_popen_init (&task, logfile->filename); 781 if (0 == status) 782 { 783 logfile->fp = task.pipe; 784 goto start_read; 785 } 786 else 787 { 788 SH_MUTEX_LOCK(mutex_thread_nolog); 789 sh_error_handle(SH_ERR_ALL, FIL__, __LINE__, status, MSG_E_SUBGEN, 790 _("Could not open pipe"), _("sh_command reader")); 791 SH_MUTEX_UNLOCK(mutex_thread_nolog); 792 } 714 793 715 794 return NULL; -
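Review bot: The flag assignment at new lines 262-265 reads inverted as rendered: `if (strcmp(splits[0], _("SHELL")))` is true for every type except SHELL, so ordinary logfiles get `SH_LOGFILE_NOFILE` (skipping stat/read_pos and the later save_pos/sl_fclose) while SHELL entries get `SH_LOGFILE_REWIND` and then go through stat() on the command string, which most likely fails and returns -1. It should be `if (0 == strcmp(splits[0], _("SHELL")))`, matching the path check at line 241; the enclosing function (it reports as sh_add_watch) starts and ends outside these hunks. Separately, in sh_command_reader `task` is a stack local that is filled by sh_ext_popen_init only in the call that opens the pipe, so a later call that enters with `logfile->fp` already set reaches `sh_ext_pclose (&task)` on an uninitialized struct; the task needs to be stored with the logfile rather than on the stack. The `new_act` passed to retry_sigaction has only `sa_handler` set, so zeroing it and calling `sigemptyset(&new_act.sa_mask)` first would avoid indeterminate `sa_flags`/`sa_mask`. The cleanup hunk at line 396 also skips closing `fp` for NOFILE entries without calling sh_ext_pclose, which looks like it leaves the pipe and child unreaped.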
trunk/src/sh_mail.c
r272 r275 581 581 ++failcount; 582 582 583 SL_RETURN((- 1), _("sh_mail_msg"));583 SL_RETURN((-2), _("sh_mail_msg")); 584 584 } 585 585 else … … 816 816 { 817 817 rollback_list(fifo_mail); 818 retval = - 1;818 retval = -3; 819 819 } 820 820 else -
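Review bot: The new return values `-2` (line 583, in the function that reports as sh_mail_msg) and `-3` (line 818, the rollback path) are bare literals with no comment saying what each one means. This changeset also starts logging a `retval` from sh_nmail_msg, presumably these codes, so they become operator-visible and should be documented at each site, e.g. `/* -2: <meaning>; surfaced via MSG_E_SUBGEN in sh_nmail_msg */`, or replaced by named constants. Both enclosing functions start and end outside the hunks, so whether any caller still compares the result against `-1` cannot be checked from here.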
trunk/src/sh_nmail.c
r273 r275 108 108 109 109 SH_MUTEX_LOCK_UNSAFE(mutex_listall); 110 if (0 == check_double(str, all_recipients, S_TRUE))110 if (0 != check_double(str, all_recipients, S_TRUE)) 111 111 { 112 112 new->isAlias = 1; … … 207 207 for (i = 0; i < nfields; ++i) { 208 208 if (0 == check_double(array[i], all_recipients, S_TRUE)) 209 nflag = 1; 209 nflag = 1; /* not in all_recipients --> bad */ 210 210 } 211 211 … … 406 406 */ 407 407 if (flagit && list->isAlias == 0) 408 list->send_mail = 1; 408 { 409 list->send_mail = 1; 410 } 409 411 list = list->all_next; 410 412 } … … 518 520 if (retval != 0) 519 521 { 522 sh_error_handle (SH_ERR_ALL, FIL__, __LINE__, 523 retval, MSG_E_SUBGEN, 524 _("could not mail immediately"), 525 _("sh_nmail_msg") ); 520 526 sh_mail_pushstack(level, message, alias); 521 527 }
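Review bot: The corrected test at line 110 (`0 != check_double(str, all_recipients, S_TRUE)`) still depends on an undocumented return convention, which is what allowed the inverted version in the first place; the only hint is the comment added at line 209 that a 0 result means "not in all_recipients". A matching comment at line 110, e.g. `/* non-zero: already in all_recipients --> treat as alias */` (meaning inferred from line 209, to be confirmed against check_double), would make the two call sites read consistently. In sh_nmail_msg the added `sh_error_handle (SH_ERR_ALL, ...)` runs inside the mail path itself; if that message can in turn be routed to mail, which is not visible here, a persistent failure could re-enter this function, so it is worth confirming a recursion guard exists. All of the touched functions extend beyond the hunks shown.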